This EU GDPR Compliance Gap Assessment Tool has been created to help organisations kick-start their GDPR compliance project by assessing their current stance against the GDPR, helping them clearly establish areas for development, and plan and prioritise their project effectively.

The tool contains two tabs: one asks a series of questions about the GDPR to help establish the next steps for compliance with the Regulation; the other will help to identify processes that involve personal data. This is carried out as required by the Regulation.

The questions are grouped into sections:

Governance

Risk management

GDPR project

DPO

Roles and responsibilities

Scope of compliance

Process analysis

PIMS

ISMS, ‘integrity and confidentiality’ (Principle 6) and Article 32

Rights of data subjects

Answering these questions provides organisations with a high-level, colour -coded analysis of their state of compliance.

This tool is in Excel format and will work in any Microsoft environment; it does not need to be installed like software and it does not depend on complex databases. It relies on human involvement and basic knowledge of the GDPR.

It was not designed for conducting a detailed and granular compliance assessment.